Brexit: IoT to the rescue?

For retailers, speed and efficiency in supply chains are paramount. With the possibility of a "hard" or "no deal" Brexit, retailers must adapt to a new operating environment. The UK government is exploring the potential for highly streamlined technology-based procedures to preserve frictionless borders. The Internet of Things (IoT) could play an important role, but also comes with a range of legal implications.

Getting into the blue lane?

Theresa May has acknowledged the possibility of a "no deal" Brexit and confirmed that the government is making contingency plans in case of this outcome. Of particular concern is the movement of goods entering or leaving the UK through Roll-on-Roll-off ports or terminals due to limited holding space and pressures stemming from up to 130,000 businesses trading with Europe having to grapple for the first time with border checks.

The UK could learn a lot from Singapore's technology-based "single window" import system, allowing customs declarations and other regulatory or security requirements to be dealt with through one portal, rather than having to navigate different systems or departmental websites. However, that would not in itself speed commercial traffic through border checks. Physical checks, and therefore delays, would remain a feature of border procedures. Consequently, there is a pressing need to explore further layers of technology-based support to achieve something closer to "frictionless" borders.

Any viable solution requires a combination of technologies. In the containers themselves, optical number plate recognition systems might confirm the identity and origin of tractor units. IoT tags and GPS data could confirm that container units are tracked and that they are associated with the correct tractor unit. The container's contents might also be tagged to confirm provenance together with other key data points such as the relevant product code for customs purposes. IoT-connected temperature gauges and CO2 detectors might be added to provide data relating not only to the condition of perishable goods, but also to alert border officials to any need to check for illegal immigrants. Once checked at its point of origin or at the first border crossed, real-time data transfers confirming that nothing has changed would allow authorised traders to speed unimpeded through a border control "blue lane".

Mobile and fixed sensors at the UK port could test for contraband, disease, weapons and other undesirable contents as containers are offloaded from trucks and ships. Port authority analysis may begin to forgo opening vehicles for faster external scans using IoT equipment. Deeper analytics will allow the port master to make more accurate predictions of theft, smuggling, and damage with minimal stoppage of flow.
Any such system would, of course, involve cost and require either a compelling business case or strong regulatory drivers. One possible avenue would be to include participation as a component of Approved Economic Operator (AEO) status, qualifying a business for "blue lane" access. Given that it stems from the World Trade Organisation "trusted trader" concept, and has both customs and security aspects, AEO status will remain crucial whatever the outcome of Brexit negotiations.

Data and cyber security

Security and data law compliance are key areas of concern, both for retailers and in relation to any government decision to implement or tap into technological solutions to overcome trade barriers.

The proliferation of IoT devices presents risk. Inadequately-secured IoT devices may be hijacked for their valuable commercial data and even combined to launch large-scale distributed denial of service attacks. Discussions about liability for such attacks remain speculative. Lawyers are actively discussing whether negligence-based liability might land on the owner or operator of insecure equipment in addition to the criminal instigators of such attacks.

The General Data Protection Regulation (GDPR) comes into operation on 25 May 2018. Its key features will be replicated post-Brexit by the UK's Data Protection Bill. The legislation sits uneasily with the blockchain and distributed ledger technology likely to underpin any IoT-connected border solution. In particular, distributed ledger involves replicating data to each node (or participating computer) within the network, creating multiple avenues for data exposure and a significant risk of breach. Those concerns mean that any solution adopted by the UK government could require a "permissioned" or access-controlled blockchain.

Retailers would also have to be confident about security in any such system. Incidents such as the "DAO hack" of June 2016 demonstrate that coding vulnerabilities can be exploited for fraudulent purposes. Committing commercially sensitive information, such as contract terms or product volumes, to a distributed ledger requires a high degree of security assurance, bringing administrative burdens which potentially limit its ability to cope with the anticipated scale of post-Brexit customs, security and compliance checks.

The UK government had a headstart in relation to blockchain and distributed ledger. In January 2016 Chief Scientific Adviser Sir Mark Walport's report flagged the technology's potential to reduce fraud, error and the cost of paper intensive processes. Since then, UK government attention has been diverted by Brexit. Other jurisdictions are pulling ahead. Singapore aims to deploy the technology to secure its position as a global trading hub, while in the US States such as Delaware have legislated to encourage blockchain, distributed ledger and IoT as key enabling technologies for business. The UK has some catching up to do.

Brexit may yet be deferred for a transition period. However, the clock is ticking and any technology-based solution to border issues may be deployed soon. To meet the challenges identified in the BRC Customs Roadmap, retailers should consider the risks and engage in the process of implementing a technology-based system capable of meeting the post-Brexit challenge.

Partner, US

We use cookies to enhance your experience of our website. By using our website you consent to the use of cookies. For more information about cookies, please use the "Cookies" link at the bottom of the page at any time or click here.

"Womble Bond Dickinson", the “law firm” or the "firm" refers to the network of member firms of Womble Bond Dickinson (International) Limited, consisting of Womble Bond Dickinson (UK) LLP and Womble Bond Dickinson (US) LLP. Each of Womble Bond Dickinson (UK) LLP and Womble Bond Dickinson (US) LLP is a separate legal entity operating as an independent law firm. Womble Bond Dickinson (International) Limited does not practise law. Please see www.womblebonddickinson.com/legal-notices for further details.

You are switching to the United States

This selection will switch the website from presenting information primarily about the United Kingdom to information about the United States. If you would like to switch back, you may use location selection options at the top of the page.

Please make the United States my default location.

Contact

Although we would like to hear from you, we cannot represent you until we know that doing so will not create a conflict of interest. Also, we cannot treat unsolicited information as confidential. Accordingly, please do not send us any information about any legal matter until we authorize you to do so. To initiate a possible representation, please call one of our lawyers or staff members.

By clicking the “ACCEPT” button, you agree that we may review any information you transmit to us. You recognize that, even if you submit information that you consider confidential in an effort to retain us, our review of that information will not create an obligation on us to keep it confidential and will not preclude us from representing another client directly adverse to you, even in a matter where that information could and will be used against you.

Please click the “ACCEPT” button if you understand and accept the foregoing statement and wish to proceed.